|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Daniel Hartmeier (daniel
benzedrine.cx)Date: Mon Jul 01 2002 - 19:25:48 CDT
On Mon, Jul 01, 2002 at 06:43:23PM -0500, meeps wrote:
> pass in all
> pass out all
>
> and *still* can't pptp through my 3.0 firewall to my corporate pptp server,
> from tcpdump it would appear there is still a problem passing gre, is there
> something im blatantly missing here? is there a problem with the version of
> pf included in 3.0?? thanks...
There might be IP options on those packets, which pf blocks by default.
Try 'pass ... allow-opts', and if that solves it, add 'allow-opts' to
the smallest subset of rules (passing GRE) of your real rule set.
Daniel
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]